1. Technical Field
Embodiments of the present application generally relate to secure data transaction systems and, in particular, to a method and apparatus for connecting to a security token without restarting an application.
2. Description of the Related Art
Various types of security information may be used to verify a user with certain computer systems and authenticate user-related data. The security information may be provided to a computer system using cryptographic information (e.g., keys, security certificates, personal information and/or the like) along with cryptographic functions to create secure sessions on the computer system.
Certain devices store crypto-keys and implement the cryptographic functions. These devices are referred to as security tokens and may include hardware security modules (HSM) to retain the security token. The security tokens are often supplied with a native implementation of a cryptographic standard (e.g., PKCS#11: Cryptographic Token Interface Standard by RSA Laboratories). Applications that utilize the cryptographic functions dynamically link to a library (i.e., a PKCS#11 library) that handles communication between the security token and the computer.
Software applications (e.g., ADOBE Acrobat and LiveCycle) support various security tokens (e.g., PKCS#11 compliant devices, such as hardware security modules (HSM)) for signing digital documents. These security devices include USB or PCI based dedicated devices. Accordingly, a USB security device can be removed from a slot and another device inserted in the same or a different slot. Standard Java-based providers that execute on a Java Virtual Machine to support the Java Cryptography Extension and operate the PKCS#11 compliant devices are unable to reconnect to these security devices after the device is brought down and up again (i.e., a security token reinsertion). The reinsertion invalidates the session, and the Java Virtual Machine must be restarted in order to reconnect the device. Thus, each time a security device is removed and reinserted, the program handling the security token processing must be restarted.
Therefore, there is a need in the art for a method and apparatus for re-connecting a security token after a disconnection without restarting an application that supports the use of the security token.